Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0600 | 2 Netscape, Novell | 2 Enterprise Server, Netware | 2017-10-10 | 7.5 HIGH | N/A |
| Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL. | |||||
| CVE-2000-0610 | 1 Netwin | 2 Cwmail, Dmailweb | 2017-10-10 | 5.0 MEDIUM | N/A |
| NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return. | |||||
| CVE-2000-0611 | 1 Netwin | 2 Cwmail, Dmailweb | 2017-10-10 | 5.0 MEDIUM | N/A |
| The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attackers to bypass normal authentication and cause a denial of service. | |||||
| CVE-2000-0613 | 1 Cisco | 1 Pix Firewall | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections. | |||||
| CVE-2000-0615 | 1 Astart Technologies | 1 Lprng | 2017-10-10 | 2.1 LOW | N/A |
| LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files. | |||||
| CVE-2000-0619 | 1 Toplayer | 1 Appswitch | 2017-10-10 | 5.0 MEDIUM | N/A |
| Top Layer AppSwitch 2500 allows remote attackers to cause a denial of service via malformed ICMP packets. | |||||
| CVE-2000-0620 | 2 Open Group, Xfree86 Project | 2 X, X11r6 | 2017-10-10 | 5.0 MEDIUM | N/A |
| libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop. | |||||
| CVE-2000-0622 | 1 Oreilly | 1 Website Professional | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter. | |||||
| CVE-2000-0624 | 1 Nullsoft | 1 Winamp | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Winamp 2.64 and earlier allows remote attackers to execute arbitrary commands via a long #EXTINF: extension in the M3U playlist. | |||||
| CVE-2000-0627 | 1 Blackboard | 1 Courseinfo | 2017-10-10 | 7.5 HIGH | N/A |
| BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl. | |||||
| CVE-2000-0628 | 1 Joshua Chamas | 1 Apache Asp | 2017-10-10 | 7.5 HIGH | N/A |
| The source.asp example script in the Apache ASP module Apache::ASP 1.93 and earlier allows remote attackers to modify files. | |||||
| CVE-2000-0632 | 1 Lsoft | 1 Listserv | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attackers to execute arbitrary commands via a long query string. | |||||
| CVE-2000-0633 | 3 Conectiva, Mandrakesoft, Redhat | 3 Linux, Mandrake Linux, Linux | 2017-10-10 | 2.1 LOW | N/A |
| Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system. | |||||
| CVE-2000-0634 | 1 Stalker | 1 Communigate Pro | 2017-10-10 | 5.0 MEDIUM | N/A |
| The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0635 | 1 Akopia | 1 Minivend | 2017-10-10 | 7.5 HIGH | N/A |
| The view_page.html sample page in the MiniVend shopping cart program allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0636 | 1 Hp | 1 Jetdirect | 2017-10-10 | 5.0 MEDIUM | N/A |
| HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command. | |||||
| CVE-2000-0638 | 1 Sean Macguire | 1 Big Brother | 2017-10-10 | 10.0 HIGH | N/A |
| bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter. | |||||
| CVE-2000-0639 | 1 Sean Macguire | 1 Big Brother | 2017-10-10 | 7.5 HIGH | N/A |
| The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server. | |||||
| CVE-2000-0640 | 1 Steve Poulsen | 1 Guildftpd | 2017-10-10 | 7.5 HIGH | N/A |
| Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not. | |||||
| CVE-2000-0641 | 1 Michael Lamont | 1 Savant Webserver | 2017-10-10 | 7.5 HIGH | N/A |
| Savant web server allows remote attackers to execute arbitrary commands via a long GET request. | |||||
| CVE-2000-0642 | 1 Itafrica | 1 Webactive | 2017-10-10 | 5.0 MEDIUM | N/A |
| The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page. | |||||
| CVE-2000-0643 | 1 Itafrica | 1 Webactive | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0644 | 1 Texas Imperial Software | 1 Wftpd | 2017-10-10 | 5.0 MEDIUM | N/A |
| WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still executing. | |||||
| CVE-2000-0650 | 1 Network Associates | 2 Netshield, Virusscan | 2017-10-10 | 2.1 LOW | N/A |
| The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse. | |||||
| CVE-2000-0651 | 1 Novell | 1 Bordermanager | 2017-10-10 | 7.5 HIGH | N/A |
| The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024 of the victim's machine. | |||||
| CVE-2000-0652 | 1 Ibm | 1 Websphere Application Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string. | |||||
| CVE-2000-0660 | 1 Alt-n | 1 Worldclient | 2017-10-10 | 5.0 MEDIUM | N/A |
| The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0661 | 1 Wircsrv | 1 Irc Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| WircSrv IRC Server 5.07s allows remote attackers to cause a denial of service via a long string to the server port. | |||||
| CVE-2000-0664 | 1 Analogx | 1 Simpleserver Www | 2017-10-10 | 5.0 MEDIUM | N/A |
| AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots. | |||||
| CVE-2000-0665 | 1 Gamsoft | 1 Telsrv | 2017-10-10 | 5.0 MEDIUM | N/A |
| GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to cause a denial of service via a long username. | |||||
| CVE-2000-0668 | 3 Conectiva, Michael K. Johnson, Redhat | 3 Linux, Pam Console, Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled. | |||||
| CVE-2000-0671 | 1 Roxen | 1 Webserver | 2017-10-10 | 5.0 MEDIUM | N/A |
| Roxen web server earlier than 2.0.69 allows allows remote attackers to bypass access restrictions, list directory contents, and read source code by inserting a null character (%00) to the URL. | |||||
| CVE-2000-0674 | 1 Virtual Vision | 1 Ftp Browser | 2017-10-10 | 5.0 MEDIUM | N/A |
| ftp.pl CGI program for Virtual Visions FTP browser allows remote attackers to read directories outside of the document root via a .. (dot dot) attack. | |||||
| CVE-2000-0675 | 1 Infopulse | 1 Gatekeeper | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote attackers to execute arbitrary commands via a long string. | |||||
| CVE-2000-0677 | 1 Ibm | 1 Net.data | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable. | |||||
| CVE-2000-0698 | 1 Minicom | 1 Minicom | 2017-10-10 | 5.0 MEDIUM | N/A |
| Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack. | |||||
| CVE-2000-0702 | 1 Hp | 1 Hp-ux | 2017-10-10 | 7.2 HIGH | N/A |
| The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file. | |||||
| CVE-2000-0716 | 1 Alt-n | 1 Mdaemon | 2017-10-10 | 2.6 LOW | N/A |
| WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email. | |||||
| CVE-2000-0717 | 1 Goodtech | 2 Ftp Server 95 98, Ftp Server Nt 2000 | 2017-10-10 | 5.0 MEDIUM | N/A |
| GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands. | |||||
| CVE-2000-0720 | 1 Gwscripts | 1 Gwscripts News Publisher | 2017-10-10 | 5.0 MEDIUM | N/A |
| news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program. | |||||
| CVE-2000-0726 | 1 Stalkerlab | 1 Mailers | 2017-10-10 | 2.6 LOW | N/A |
| CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable. | |||||
| CVE-2000-0729 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 2.1 LOW | N/A |
| FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header. | |||||
| CVE-2000-0731 | 1 Jeremy Arnold | 1 Worm Webserver | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0732 | 1 Jeremy Arnold | 1 Worm Webserver | 2017-10-10 | 5.0 MEDIUM | N/A |
| Worm HTTP server allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0738 | 1 Network Associates | 1 Webshield Smtp | 2017-10-10 | 5.0 MEDIUM | N/A |
| WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail. | |||||
| CVE-2000-0739 | 1 Network Associates | 1 Net Tools Pki Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server. | |||||
| CVE-2000-0740 | 1 Network Associates | 1 Net Tools Pki Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port. | |||||
| CVE-2000-0747 | 1 Conectiva | 1 Linux | 2017-10-10 | 10.0 HIGH | N/A |
| The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it. | |||||
| CVE-2000-0749 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system. | |||||
| CVE-2000-0753 | 1 Microsoft | 1 Outlook | 2017-10-10 | 5.0 MEDIUM | N/A |
| The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files. | |||||